The Italian firm Tiger Security is one of the companies in charge to monitor cyber security of the Brazil 2014 World Cup, in these hours its experts have issued an interesting report titled “Lo stato dell’arte della guerriglia digitale in occasione della Coppa del Mondo 2014 in Brasile ” (in English The State of the Art of Digital Guerrilla during the 2014 Brazilian World Cup).
As explained in the report, the various protests have had a significant counterpart in cyberspace, a multitude of actors in various ways has targeted the assets of the government, private companies and associations involved in the management of the event.
These events highlight the convergence of the physical targets with digital ones, favored and also conveyed by the massive use of technology and computer networks.
The 12 cities where the matches are hosted, are considered to be among the main objectives of the hacktivists, last week I have published a post on the numerous cyber attacks belonging to the #OpHackingCup observed in concomitants of the Brazil 2014 World Cup. Security experts collected evidence for the violations of institutional systems and utilities of the various municipalities, resources critical for the successful reception of the tourist flow generated from the sporting event.
While Brazilians are protesting in the streets in the main cities of the country against the organizers of the Brazil 2014 World Cup, hackers are targeting with DDoS attacks and spear phishing campaigns members and infrastructure belonging to the principal organizations involved in the sporting event.
The attacks started months ago as it is explained in the report, early February 2014 Tiger Security has identified a new malware linked to the Brazil 2014 World Cup. The malware dubbed Banload was proposed as a supposed desktop version of the popular messaging service WhatsApp, in reality the malicious code is a banking Trojan. Investigation demonstrated that the malware was implemented with the classic style of a Brazilian-created malware.
A few days before the official beginning of the competition, the email accounts of employees of the Ministry of Foreign Affairs were compromised by a spear phishing attack conducted by a group of hacktivists.
Recently, the DDoS attacks grew in number targeting official government websites (e.g. Ministry of Employment and Labor, the Ministry of Sport). Attackers adopted an old-fashioned technique called Web Hive in which network of volunteers are “lending” their web browser to use it as a gun for a denial of service attack.
Not only hacktivists are a threat for the sporting event, The Brazil 2014 World Cup represents an excellent occasion for cyber criminals to trick users with social engineering techniques into downloading any kind of malicious content. Of course mobile users are a privileged target for cyber criminals, different World Cup-themed malicious apps have been detected by security experts in this period, Trend Micro recently warned users of the presence of fake versions of World Cup 2014 Apps. According to malware researchers more than 375 spurious apps are targeting Android users that are downloading them from third-party app stores.
As explained in the report issued by Tiger Security Firm, the number of cyber attacks will continue to grow, many actors for different purposes will increase their pressure on this competition and on future events in the country. Next October the Brazil will hold the elections, another unique opportunity for anyone wishing to influence the political balance of the country, bad actors could operate under the name of the popular collective Anonymous as already happened in the past.
Stay Tuned and enjoy the report issued by the Tiger Security firm.
(Security Affairs – Brazil 2014 World Cup, hacking)